VIRY.CZ

Ten Zoek po dokonceni ma restartovat pc sam alebo to mam vypnut a restartovat ja? Pretoze posledny riadok v tom okne Zoek je "Create Backups 10:11:25,04", co uz je 30 minut odvtedy a nevsimol som si, ze ci to este dalej pracuje, tak sa radej spytam, ze ci to moze trvat aj tolko alebo to mam vypnut?

Tak nic sa nemenilo, tak som nakoniec restartoval pc sam, po restarte otvoril Zoek a bola tam moznost C:\zoek-result.log. Tak kopirujem tento log.


Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Monika on pi 12.09.2014 at 10:01:49,54.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Monika\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12.9.2014 10:03:02 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully
HKEY_USERS\S-1-5-21-1229272821-1500820517-839522115-1003\Software\Microsoft\Internet Explorer\Explorer Bars\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{32683183-48a0-441b-a342-7c2a440a9478} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted

Poprosim o FRST http://forum.viry.cz/viewtopic.php?f=13&t=133100

Nech sa paci, log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-09-2014
Ran by Monika (administrator) on HOME-NB on 12-09-2014 21:44:18
Running from C:\Documents and Settings\Monika\Desktop
Platform: Systém Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: Angličtina (USA)
Internet Explorer Version 6
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
() C:\WINDOWS\ATK0100\HControl.exe
(Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
(Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
(Motorola Inc.) C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files\Wireless Console 2\wcourier.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(ATK) C:\Program Files\Asus\Splendid\ACMON.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(ASUSTeK) C:\WINDOWS\system32\ACEngSvr.exe
() C:\WINDOWS\ATK0100\ATKOSD.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
() C:\WINDOWS\system32\acovcnt.exe
(forum.viry.cz) C:\Documents and Settings\Monika\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [HControl] => C:\WINDOWS\ATK0100\HControl.exe [110592 2006-08-23] ()
HKLM\...\Run: [igfxhkcmd] => C:\WINDOWS\System32\hkcmd.exe [77824 2006-02-07] (Intel Corporation)
HKLM\...\Run: [igfxpers] => C:\WINDOWS\System32\igfxpers.exe [118784 2006-02-07] (Intel Corporation)
HKLM\...\Run: [SigmatelSysTrayApp] => stsystra.exe
HKLM\...\Run: [SMSERIAL] => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [573440 2006-08-07] (Motorola Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [786521 2006-05-25] (Synaptics, Inc.)
HKLM\...\Run: [Wireless Console 2] => C:\Program Files\Wireless Console 2\wcourier.exe [987136 2005-10-17] ()
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [802816 2006-08-02] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [696320 2006-08-02] (Intel Corporation)
HKLM\...\Run: [ACMON] => C:\Program Files\ASUS\Splendid\ACMON.exe [811008 2006-05-30] (ATK)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: 192.168.1.2:3128
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dl ... R}&ar=home
SearchScopes: HKCU - {012E1000-F331-11DB-8314-0800200C9A66} URL = http://www.google.com/search?q={searchTerms}
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\System32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2014-01-09]

Chrome:
=======
CHR HomePage: Default ->
CHR CustomProfile: C:\Documents and Settings\Monika\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Peňaženka Google) - C:\Documents and Settings\Monika\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-12]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [434176 2006-08-02] (Intel Corporation) [File not signed]
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [327680 2006-08-02] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [937984 2006-08-02] (Intel Corporation ) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21419 2014-01-09] (Meetinghouse Data Communications) [File not signed]
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R1 eamon; C:\WINDOWS\System32\DRIVERS\eamon.sys [184664 2013-09-17] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R3 Epfwndis; C:\WINDOWS\System32\DRIVERS\Epfwndis.sys [38952 2013-09-17] (ESET)
R1 epfwtdi; C:\WINDOWS\System32\DRIVERS\epfwtdi.sys [61600 2013-09-17] (ESET)
S3 M3AD; C:\WINDOWS\System32\drivers\m3aux.sys [136832 2006-08-10] (Motorola Inc)
R3 MTsensor; C:\WINDOWS\System32\DRIVERS\ATKACPI.sys [5632 2005-02-17] ()
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R3 NETw3x32; C:\WINDOWS\System32\DRIVERS\NETw3x32.sys [1709696 2006-09-27] (Intel® Corporation)
R3 RTL8023xp; C:\WINDOWS\System32\DRIVERS\Rtlnicxp.sys [70144 2005-02-16] (Realtek Semiconductor Corporation )
S3 rtl8139; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [20992 2008-04-13] (Realtek Semiconductor Corporation)
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [12544 2006-08-02] (Intel Corporation) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1164600 2006-04-27] (SigmaTel, Inc.)
R3 SynMini; C:\WINDOWS\System32\Drivers\SynMini.sys [1116544 2006-08-09] ()
R3 SynScan; C:\WINDOWS\System32\Drivers\SynScan.sys [7808 2006-08-09] ()
S3 toshidpt; C:\WINDOWS\System32\drivers\Toshidpt.sys [3712 2005-07-11] (TOSHIBA Corporation.) [File not signed]
R3 tosporte; C:\WINDOWS\System32\DRIVERS\tosporte.sys [47488 2006-04-19] (TOSHIBA Corporation) [File not signed]
S3 Tosrfbd; C:\WINDOWS\System32\Drivers\tosrfbd.sys [110976 2006-05-18] (TOSHIBA CORPORATION) [File not signed]
S3 Tosrfbnp; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [37632 2006-03-16] (TOSHIBA Corporation) [File not signed]
R1 Tosrfcom; C:\WINDOWS\System32\Drivers\tosrfcom.sys [64896 2005-08-01] (TOSHIBA Corporation) [File not signed]
S3 Tosrfhid; C:\WINDOWS\System32\DRIVERS\Tosrfhid.sys [62848 2006-05-09] (TOSHIBA Corporation.) [File not signed]
S3 tosrfnds; C:\WINDOWS\System32\DRIVERS\tosrfnds.sys [18612 2005-01-06] (TOSHIBA Corporation.) [File not signed]
S3 TosRfSnd; C:\WINDOWS\System32\drivers\TosRfSnd.sys [52864 2006-03-15] (TOSHIBA Corporation) [File not signed]
S3 Tosrfusb; C:\WINDOWS\System32\Drivers\tosrfusb.sys [40192 2006-05-09] (TOSHIBA CORPORATION) [File not signed]
S4 IntelIde; No ImagePath
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-14] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 21:44 - 2014-09-12 21:44 - 00010604 _____ () C:\Documents and Settings\Monika\Desktop\FRST.txt
2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
2014-09-12 09:58 - 2014-09-12 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
2014-09-12 09:46 - 2014-09-12 21:41 - 00045056 _____ () C:\WINDOWS\system32\acovcnt.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 21:44 - 2014-09-12 21:44 - 00010604 _____ () C:\Documents and Settings\Monika\Desktop\FRST.txt
2014-09-12 21:44 - 2014-01-09 19:43 - 00000000 ____D () C:\Documents and Settings\Monika\Local Settings\Temp
2014-09-12 21:44 - 2007-02-21 05:49 - 00000000 ____D () C:\FRST
2014-09-12 21:41 - 2014-09-12 09:46 - 00045056 _____ () C:\WINDOWS\system32\acovcnt.exe
2014-09-12 14:57 - 2014-01-09 21:10 - 01271334 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-12 14:29 - 2014-01-09 21:34 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-12 13:56 - 2014-01-09 21:34 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 13:56 - 2014-01-09 20:29 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-09-12 13:56 - 2014-01-09 20:29 - 00000051 _____ () C:\WINDOWS\wiaservc.log
2014-09-12 13:56 - 2014-01-09 19:39 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-12 13:56 - 2002-08-29 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-09-12 13:55 - 2014-01-09 19:43 - 00000178 ___SH () C:\Documents and Settings\Monika\ntuser.ini
2014-09-12 13:55 - 2014-01-09 19:42 - 00032562 _____ () C:\WINDOWS\SchedLgU.Txt
2014-09-12 10:11 - 2014-09-12 10:02 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:11 - 2014-09-12 10:01 - 00000000 ____D () C:\zoek_backup
2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 09:58 - 2014-09-12 09:58 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2014-09-12 09:56 - 2014-09-12 09:54 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
2014-09-12 09:48 - 2014-01-09 20:27 - 00360124 _____ () C:\WINDOWS\system32\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Documents and Settings\Monika\Local Settings\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:111.78 GB) (Free:68.98 GB) NTFS ==>[Drive with boot components (Windows XP)]

Available physical RAM: 2169.8 MB
Total physical RAM: 2935.23 MB
Percentage of memory in use: 26%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows XP) (Size: 111.8 GB) (Disk ID: A8D32665)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: ESET Smart Security 7.0 (Disabled - Up to date) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ESET personal firewall (Disabled) {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Documents and Settings\Monika\Desktop" je 26001 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS
"C:\Program Files\Messenger\msmsgs.exe" /background [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk
C:\PROGRA~1\Toshiba\BLUETO~1\TOSBTM~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x0


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"


[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe"="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe:*:Enabled:Google Chrome"
"C:\\Program Files\\Opera\\opera.exe"="C:\\Program Files\\Opera\\opera.exe:*:Enabled:Opera Internet Browser"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR"=dword:00000000


==================== End Of Log ==============================

Tvorba fixlistu pro FRST

• Spustte poznamkovy blok (Start-spustit-notepad)
• Zkopirujte skript nize

• Kód: Vybrat vše

  Start
  CloseProcesses:
  
  HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
  HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe
  
  2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
  2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
  2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
  2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
  2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
  2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
  2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe
  
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe
  
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
  REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f
  
  Hosts:
  EmptyTemp:
  Reboot:
  End
  

• Ulozte vytvoreny TXT jako fixlist.txt
• Presunte vytvoreny fixlist vedle FRST

Spustte znovu FRST.exe

• Kliknete na Fix
• Probehne oprava a vytvori log Fixlog.txt

Restart PC a dejte mi sem fixlog.txt

Pripajam fixlog

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 11-09-2014
Ran by Monika at 2014-09-12 21:58:00 Run:1
Running from C:\Documents and Settings\Monika\Desktop
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
CloseProcesses:

HKLM\...99B7938DA9E4}\LocalServer32: [Default-wmiprvse] <==== ATTENTION!
HKU\S-1-5-21-1229272821-1500820517-839522115-1003\...\MountPoints2: {bf8c7386-7a23-11e3-97c8-001a92c70923} - E:\urDrive.exe

2014-09-12 10:10 - 2014-09-12 10:10 - 00000021 _____ () C:\folders.log
2014-09-12 10:02 - 2014-09-12 10:11 - 00002239 _____ () C:\zoek-results.log
2014-09-12 10:01 - 2014-09-12 10:11 - 00000000 ____D () C:\zoek_backup
2014-09-12 09:55 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-09-12 09:54 - 2014-09-12 09:56 - 00000000 ____D () C:\AdwCleaner
2014-09-12 09:52 - 2014-09-12 09:52 - 01370467 _____ () C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe
2014-09-12 09:52 - 2014-09-12 09:52 - 01290240 _____ () C:\Documents and Settings\Monika\Desktop\zoek.exe

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f
REG: reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\CLSID\{73E709EA-5D93-4B2E-BBB0-99B7938DA9E4}\LocalServer32\\Default => Value was restored successfully.
"HKU\S-1-5-21-1229272821-1500820517-839522115-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bf8c7386-7a23-11e3-97c8-001a92c70923}" => Key deleted successfully.
"HKCR\CLSID\{bf8c7386-7a23-11e3-97c8-001a92c70923}" => Key not found.
C:\folders.log => Moved successfully.
C:\zoek-results.log => Moved successfully.
C:\zoek_backup => Moved successfully.
C:\WINDOWS\system32\sqlite3.dll => Moved successfully.
C:\AdwCleaner => Moved successfully.
C:\Documents and Settings\Monika\Desktop\adwcleaner_3.309.exe => Moved successfully.
C:\Documents and Settings\Monika\Desktop\zoek.exe => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => Moved successfully.

========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM" /f =========


Operácie skončila úspešne.


========= End of Reg: =========


========= reg delete "HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS" /f =========


Operácie skončila úspešne.


========= End of Reg: =========

C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 173.5 MB temporary data.


The system needed a reboot.

==== End of Fixlog ====

Jak se chova PC

PC vyzera byt v poriadku.

Tak jeste uklidime

T-Cleaner http://vyosek.tym.cz/pro_usery/T-Cleaner.exe

• Stahnete a spustte
• Pro potvrzeni volby mackejte A, Enter
• Po pouziti utilitu smazte
• Antiviry touhou utilitu chybne oznacit jako vir - jedna se o falesny poplach - takze v pohode stahnete (pripadne vypnete pri stahovani antivir)

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner http://forum.viry.cz/viewtopic.php?t=7478
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za tyden

A pokud nejsou problemy ci dotazy, je to z me strany vse

PC som prebehol tymto poslednym cistenim a vyzera byt vsetko v poriadku. Rad by som sa podakoval za ochotu, pomoc a cas, ktory ste mi venovali.

Nemate zac, rad jsem pomohl Zase nekdy

A na zaklade Pravidla o zamykani temat